Dialdaemon

Diald will bring up a dialup link whenever there is traffic bound for the outside world. To make this sleight of hand work, it defines a fake device, "sl0", at startup and sets the default route to point to this device (the device is also given a bogus IP address, chosen from among the non-routable addresses, on a subnet that doesn't otherwise exist at your site).

Whenever anyone sends a packet to the outside world, the default routing will send it to "sl0". Diald catches this packet and begins dialing the phone (using the dialer of your choice, usually wvdial or chat). When the phone is answered and the login sequence completed, pppd or whatever other link manager is being used is spawned and a new device of the appropriate type is created.

Then, the routing tables are altered to make the new device the default and the packet that diald intercepted is rerouted to the new device. So far, so good.

When the link is up and the new device created, a new set of firewall rules must be defined, to point to the new device, etc. This is done by running the usual ip-up script or diald's addroute script.

Normally, that's all that needs to be done. But if you are using masquerading to deliver packets from network-attached workstations through the system, the masquerading is usually done by the firewall. This means that a second copy of the firewall rules must run when the link is down to send the masqueraded packets to "sl0". Otherwise, packets bound for the outside world from the network-attached workstations will not cause diald to bring up the link because they will never be sent to "sl0".

Hence, if you'll be using masquerading, you'll need to start your firewall at boot time (pointing it to "sl0" but only after diald has been allowed to run and create the device) and you'll need an ip-down script to put it back in place when the link comes down. In the case of NARC, this particularly means that you should be sure to set the NARC configuration to bring up the firewall at boot time and masquerade on the external interface sl0.
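
The mismatch described above (masquerade rules still naming one device while the default route points at the other) can be checked for directly. The following is an added example, not part of the original page; the function names and the sample "route -n" and "iptables -t nat -S POSTROUTING" output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original page.  Checks that the firewall
# masquerades on the device that currently holds the default route
# (sl0 while the link is down, ppp0 while it is up).

# Read `route -n` output on stdin; print the default route's interface.
default_dev() {
    awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" { print $NF; exit }'
}

# Read `iptables -t nat -S POSTROUTING` output on stdin; print the
# outbound interface of every MASQUERADE rule, one per line.
masq_devs() {
    awk '/-j MASQUERADE/ { for (i = 1; i < NF; i++) if ($i == "-o") print $(i + 1) }'
}

# check_masq ROUTES RULES: return 0 if they agree, 1 on a mismatch,
# 2 if there is no default route at all.
check_masq() {
    dev=$(printf '%s\n' "$1" | default_dev)
    if [ -z "$dev" ]; then
        echo "no default route: is diald running?"
        return 2
    fi
    if printf '%s\n' "$2" | masq_devs | grep -qx "$dev"; then
        echo "ok: default route and masquerade both on $dev"
        return 0
    fi
    echo "MISMATCH: default route on $dev, masquerade on:" \
         "$(printf '%s\n' "$2" | masq_devs | tr '\n' ' ')"
    return 1
}

# Constructed sample data: link down, default route on sl0.
ROUTES_DOWN='Destination  Gateway  Genmask        Flags Metric Ref Use Iface
192.168.1.0  0.0.0.0  255.255.255.0  U     0      0   0   eth0
0.0.0.0      0.0.0.0  0.0.0.0        U     1      0   0   sl0'
RULES_SL0='-P POSTROUTING ACCEPT
-A POSTROUTING -o sl0 -j MASQUERADE'
# Constructed: ip-down never ran, so the rule still names ppp0.
RULES_STALE='-P POSTROUTING ACCEPT
-A POSTROUTING -o ppp0 -j MASQUERADE'

check_masq "$ROUTES_DOWN" "$RULES_SL0"
check_masq "$ROUTES_DOWN" "$RULES_STALE" || true
```

On a live system, pass the real output instead of the samples: check_masq "$(route -n)" "$(iptables -t nat -S POSTROUTING)".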

/etc/rc.d/init.d/dialdaemon:

Brings up diald to automatically dial up PPP connections to the Internet on an as-needed basis.

     "start" - Starts up diald.
     "stop"  - Shuts diald down.

You must create the diald script, a sample of which is shown below, since it is not usually supplied with the OS or the diald install. This script can be installed using chkconfig, whereupon it will run at startup and bring up diald to listen for outbound traffic that can't be delivered locally:

     #! /bin/sh
     #
     # dialdaemon - Script to start/stop the PPP dialer daemon.
     #
     # chkconfig: 2345 11 89
     # description: PPP dialer automatically brings up dialup link on demand
     #
     # Define the serial port for modem or PCI modem.
     #
     COMPORT=/dev/ttyS3
     case "$1" in
         #
         # Upon startup, fire up the PPP dialer daemon.  This will set up sl0
         # and wait for traffic on the link.  When traffic is detected, the PPP
         # link will be dialed up and routing will be switched to ppp0.
         #
         # If the port with the modem is a serial device on com3 or com4, use
         # the setserial command (or something like it) to set up the port.
         # Note that setserial is used to set up the port for proper use of an
         # alternate interrupt request line, due to conflicts.
         #
         # If the port is a PCI device, use the 3ComMdm command to set up the
         # port.
         #
         start)
          echo -n "Starting up PPP automatic dialing:"
          #
          # If the modem port is not set up by startup, you may want to try one
          # of the following commands, as noted above, to set it up.
          #
          # /bin/3ComMdm ${COMPORT}
          # /bin/setserial ${COMPORT} port 0x3E8 irq 7
          rm -f /dev/modem
          ln -s ${COMPORT} /dev/modem
          /usr/sbin/diald
          echo "."
          ;;
         #
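         # Upon shutdown, find the dialer daemon's pid and kill it.  Match the
         # command name exactly so that this script (dialdaemon) is not killed.
         #
         stop)
          echo -n "Stopping PPP automatic dialing:"
          ddpid=$(/bin/ps -A | awk '$NF == "diald" {print $1}')
          [ -n "$ddpid" ] && kill $ddpid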
          echo "."
          ;;
         #
         # For all other cases, give help.
         #
         *)
          echo "Usage: /etc/rc.d/init.d/dialdaemon {start|stop}"
          exit 1
          ;;
     esac
     exit 0

Additional information can be found in:

     diald.unix.ch/FAQ/diald-faq.html
     www.loonie.net/~eschenk/diald.html
     diald.sourceforge.net

Install this script in /etc/rc.d/init.d, but do not enable it if you will be using the transport switcher (below). Otherwise, install it with:

     chkconfig --add dialdaemon
     chkconfig dialdaemon on

/usr/sbin/diald:

The diald program itself.

/etc/diald.conf:

Diald configuration file. You must supply this file, a sample of which is shown. Note that, if you change this file, you must stop and then start the diald task for the changes to take effect. Do this with the dialdaemon script (above). Here is a sample in which the port being used is /dev/ttyS3:

     mode ppp
     connect /usr/lib/diald/connect-eskimo
     device /dev/ttyS3
     speed 115200
     modem
     # lock
     crtscts
     local 192.168.2.253
     remote 192.168.2.254
     netmask 255.255.255.0
     dynamic
     defaultroute
     mtu 1500
     include /usr/lib/diald/standard.filter
     # addroute /usr/lib/diald/connect-addroute

If you will use wvdial to establish the connection, you shouldn't use the "lock" parameter, as this locks the modem and prevents wvdial from working. If you're going to use chat, "lock" may be appropriate.

If you have a standard ip-up and ip-down script (or ip-up.local and ip-down.local, see below) in /etc/ppp, you probably don't need the addroute parameter. The job of the script that is run by this parameter is to alter the firewall rules and bring up anything that is only run when PPP is up. It also shuts things down and sets the firewall rules back to what they were when the PPP connection comes down. Hence, if your regular ip-up and ip-down scripts do everything, it is unnecessary.

/usr/lib/diald/connect-*:

Connection parameters used to connect to various dialup services. A sample for eskimo is shown below. In order to figure out how the diald script should be written, you can run wvdial manually to connect to the host and observe the entire modem dialing and host login sequence the first time. From there, you should be able to determine what the chat sequences should be for diald.

However, you can also use wvdial as your dialer and dispense with all the crap-oh-la. Once you get wvdial working, set up the following simple script and aim diald at it. Trust me. You'll thank me for this. Here is an example of how to use an already-working wvdial configuration to dial eskimo:

     #!/bin/sh
     #
     # Run wvdial as the dialer for diald to connect to Eskimo
     #
     /usr/bin/wvdial --chat eskimo

If you haven't had enough aggravation in your day or wvdial is incapable of figuring out the screwy logon negotiation that your ISP uses, you may have to hand build a chat script. Here is a sample of one that might work to connect to Eskimo:

     #!/bin/sh
     #
     # This script will dial to Eskimo.
     #
     # The "message" facility of diald is used to communicate progress through
     # the dialing process to a diald monitoring program such as dctrl or diald-top.
     # It also reports progress to the system logs. This can be useful if you
     # are seeing failed attempts to connect and you want to know when and why
     # they are failing.
     #
     # This script requires the use of chat-1.9 or greater for full
     # functionality. It should work with older versions of chat,
     # but it will not be able to report the reason for a connection failure.
     # Configuration parameters
     # The initialization string for the modem.  An initial "ATZ" will be sent
     # prior to sending this string
     MODEM_INIT="AT E1 M0 Q0 S0=0 S11=55 V1 &C1 &K3 &D2 +FCLASS=0"
     # The phone number to dial
     PHONE_NUMBER="nnn-nnn-nnnn"
     # The chat sequence to recognize that the remote system
     # is asking for your user name.
     USER_CHAT_SEQ="ogin:--ogin:"
     # The string to send in response to the request for your user name.
     USER_NAME="username"
     # The chat sequence to recognize that the remote system
     # is asking for your password.
     PASSWD_CHAT_SEQ="word:"
     # The string to send in response to the request for your password.
     # It is stored here in plain text, so keep this script readable by
     # root only.
     PASSWORD="password"
     # The prompt the remote system will give once you are logged in
     # If you do not define this then the script will assume that
     # there is no command to be issued to start up the remote protocol.
     #PROMPT="annex:"
     # The command to issue to start up the remote protocol
     #PROTOCOL_START="ppp"
     # The string to wait for to see that the protocol on the remote
     # end started OK. If this is empty then no check will be performed.
     START_ACK="Switching to PPP."
     # Pass a message on to diald and the system logs.
     message () {
     [ -n "$FIFO" ] && echo "message $*" >"$FIFO"
     logger -p local2.info -t connect "$*"
     }
     # Reset the modem.
     message "Resetting Modem"
     /usr/sbin/chat TIMEOUT 5 "" ATZ TIMEOUT 45 OK ""
     if [ $? != 0 ]; then
         message "Failed to reset modem"
         exit 1
     fi
     # Initialize the modem. It's already reset.
     message "Initializing Modem"
     /usr/sbin/chat TIMEOUT 5 "" "$MODEM_INIT" TIMEOUT 45 OK ""
     if [ $? != 0 ]; then
         message "Failed to initialize modem"
         exit 1
     fi
     # Dial the remote system.
     message "Dialing system"
     /usr/sbin/chat \
          TIMEOUT 45 \
          ABORT "NO CARRIER" \
          ABORT BUSY \
          ABORT "NO DIALTONE" \
          ABORT ERROR \
          "" ATDT$PHONE_NUMBER \
          CONNECT ""
     case $? in
        0) message Connected;;
        1) message "Chat Error"; exit 1;;
        2) message "Chat Script Error"; exit 1;;
        3) message "Chat Timeout"; exit 1;;
        4) message "No Carrier"; exit 1;;
        5) message "Busy"; exit 1;;
        6) message "No DialTone"; exit 1;;
        7) message "Modem Error"; exit 1;;
        *)
     esac
     # We're connected, try to log in.
     message "Logging in"
     /usr/sbin/chat \
          TIMEOUT 5 \
          $USER_CHAT_SEQ "\\q$USER_NAME" \
          TIMEOUT 45 \
          $PASSWD_CHAT_SEQ "$PASSWORD"
     if [ $? != 0 ]; then
         message "Failed to log in"
         exit 1
     fi
     # We logged in, try to start up the protocol (provided that the
     # user has specified how to do this).  The variables are quoted so
     # that values containing spaces are tested and passed to chat as a
     # single expect or send string.
     if [ -n "$PROMPT" ]; then
         message "Starting Comm Protocol"
         /usr/sbin/chat TIMEOUT 15 "$PROMPT" "$PROTOCOL_START"
         if [ $? != 0 ]; then
             message "Prompt not received"
             exit 1
         fi
     fi
     if [ -n "$START_ACK" ]; then
         /usr/sbin/chat TIMEOUT 15 "$START_ACK" ""
         if [ $? != 0 ]; then
             message "Failed to start Protocol"
             exit 1
         fi
     fi
     # Success!
     message "Protocol started"

/etc/ppp/ip-up.local:

The local script that is run whenever the PPP link comes up. For use with diald and wvdial, the following script will start the NARC firewall and register the PPP link as the gateway to the world. It will also run the PropagateIP script to notify the world where the Web site and other services are:

     #!/bin/sh
     #
     # This shell script is called by pppd whenever it brings up a PPP connection
     # to the remote host.  Its purpose is to add into the router's routing
     # tables a default routing to the gateway machine at the other end of the
     # PPP link.  This will cause all non-specifically routed packets to be
     # passed to the gateway at the other end of the PPP link for forwarding to
     # the Internet.
     #
     # This script also registers the ppp0 device via the firewall rules script to
     # change the rules so that they use the correct active device (ppp0 when the
     # link is up).
     #
     # The parameters that pppd passes to this script are (see pppd(8)):
     #
     #      <iface> <ttydev> <speed> <local-ip> <remote-ip> <ipparam>
     #
     #
     # When the PPP link comes up, add the default route.
     #
     /sbin/route add default gw $5
     #
     # Register the new interface with the firewall and masquerade.  This requires
     # us to restart the firewall, specifying which interface to use.  NARC (the
     # firewall) will figure out which address to use by querying the interface
     # directly.
     #
     /etc/rc.d/init.d/iptables restart $1
     #
     # Set up all of the dynamically addressed Web server links and advertise
     # our WAN IP address.
     #
     /etc/dyndns/PropagateIP
     exit 0

Note that you'll need to make the changes mentioned in the firewall/packetfilter section that deals with iptables, which allow the external device address to be passed to the iptables and NARC scripts.

/etc/ppp/ip-down.local:

The local script that is run whenever the PPP link goes down. For use with diald, the following script will restart the NARC firewall, telling it to masquerade and deliver packets to "sl0", by default. This will cause any Internet traffic to bring up the link. Without this script, only Internet traffic from the local machine will bring up the link:

     #!/bin/sh
     #
     # This shell script is called by pppd whenever it shuts down a PPP
     # connection to the remote host.  Its purpose is to unregister the ppp0 device
     # via the firewall rules script to change the rules so that they won't block
     # traffic within the network.
     #
     # The parameters that pppd passes to this script are (see pppd(8)):
     #
     #      <iface> <ttydev> <speed> <local-ip> <remote-ip> <ipparam>
     #
     #
     # Restart the firewall using sl0 as the interface so that traffic bound for
     # the net will bring up the connection.
     #
     /etc/rc.d/init.d/iptables restart sl0